To use the training, visit www.is.gd/owujez. The package is free to use, and includes knowledge checks. No login is required - just click on the link and start learning.
Mapping your supply chain is the process of recording, storing and using information gathered from suppliers who are involved in a company’s supply chain. The training explains:
what supply chain mapping is, why it’s important and how it can benefit your organisationwhat information it will typically containthe role of sub-contractors that your suppliers may usewhat this means when agreeing contracts.Gaining confidence in your supply chain describes practical steps to help organisations assess cyber security in their supply chains. The training:
describes typical supplier relationships, and ways that organisations are exposed to vulnerabilities and cyber attacks via the supply chaindefines expected outcomes and key steps to help you assess your supply chain’s approach to cyber security.
NEW OT THREAT DATABASE
Schneider Electric is developing a global operational technology (OT) risk identification and threat intelligence capability, in partnership with BitSight.
In recent years, both opportunistic and advanced cyber threat actors have shown increased willingness to target industrial and operational sites. Schneider Electric and BitSight aim to improve the security and resilience of communities by detecting OT protocols exposed over the internet and contextualizing them with improved attribution.
The aim of the collaboration is proactive security monitoring of externally observable risks to the OT community, and to strengthen industrial security and provide more visibility into industrial infrastructure and industrial control system devices that may be at risk.
BitSight co-founder Stephen Boyer said: “Operational technology systems are often exposed and vulnerable to attackers who can exploit them through connected devices and converging networks.”
Christophe Blassiau, a senior vice president at Schneider Electric, said: “With the enriched data and insight collected by BitSight, Schneider Electric is developing an OT threat intelligence capability to notify and work with customers who have exposed assets or insecure Internet-facing deployments.”
The new capability, focused on risk identification and reduction across the entirety of the OT domain, is not an exclusive arrangement between the two companies, they add. Participation is open to all OT vendors willing to share information about their products to improve risk detection and attribution capabilities.
BOX: FIND AN ADVISOR
In the past, organisations seeking help from cybersecurity expert tended to be very large and complex or be from the defence, security or banking industries, or part of the critical national infrastructure.
Today, expedited by the pandemic, the widespread adoption of digital technology for products and services has made basic cyber security essential to every business that connects to the internet. Accessibility to this protection contributes to the UK’s national security.
Despite a growing emphasis on cybersecurity, many organisations often find it hard to choose the right help to meet current guidance.
The Cyber Advisor scheme is for small and medium sized organisations across the UK aiming to improve their basic cyber security and avoid the disruption caused by some of the most common cyber attacks.
All Cyber Advisors must work for a company which has met NCSC standards and been accepted as an assured service provider.
Cyber Advisors focus on helping organisations to implement the five Cyber Essentials Technical Controls: firewalls, secure configuration, security update management, user access control and malware protection (see also pp18-19).
A list of advisors is available via www.is.gd/oferey.
For more in-depth advice, another consultancy accreditation scheme is also available: Assured Cyber Security Consultancies, of list of whom is available via www.is.gd/rixubu.